CVE-2019-0344

Due to unsafe deserialization used in SAP Commerce Cloud (virtualjdbc extension), versions 6.4, 6.5, 6.6, 6.7, 1808, 1811, 1905, it is possible to execute arbitrary code on a target machine with 'Hybris' user rights, resulting in Code Injection.

CVSS v3 9.8 CRITICAL
CVSS v2.0 7.5 HIGH

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
https://launchpad.support.sap.com/#/notes/2786035	Permissions Required Vendor Advisory
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523998017	Broken Link

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:sap:commerce_cloud:6.4:::::::*
	cpe:2.3:a:sap:commerce_cloud:6.5:::::::*
	cpe:2.3:a:sap:commerce_cloud:6.6:::::::*
	cpe:2.3:a:sap:commerce_cloud:6.7:::::::*
	cpe:2.3:a:sap:commerce_cloud:1808:::::::*
	cpe:2.3:a:sap:commerce_cloud:1811:::::::*
	cpe:2.3:a:sap:commerce_cloud:1905:::::::*

History

07 Oct 2024, 14:15

Type	Values Removed	Values Added
References	~~() https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523998017 - Vendor Advisory~~	() https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523998017 - Broken Link

Information

Published : 2019-08-14 14:15

Updated : 2024-10-07 14:15

NVD link : CVE-2019-0344

Mitre link : CVE-2019-0344

CVE.ORG link : CVE-2019-0344

JSON object : View

Products Affected

sap

commerce_cloud

CWE

CWE-502

Deserialization of Untrusted Data

{"id": "CVE-2019-0344", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2019-08-14T14:15:16.463", "references": [{"url": "https://launchpad.support.sap.com/#/notes/2786035", "tags": ["Permissions Required", "Vendor Advisory"], "source": "cna@sap.com"}, {"url": "https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=523998017", "tags": ["Broken Link"], "source": "cna@sap.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-502"}]}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-502"}]}], "descriptions": [{"lang": "en", "value": "Due to unsafe deserialization used in SAP Commerce Cloud (virtualjdbc extension), versions 6.4, 6.5, 6.6, 6.7, 1808, 1811, 1905, it is possible to execute arbitrary code on a target machine with 'Hybris' user rights, resulting in Code Injection."}, {"lang": "es", "value": "Debido a una deserializaci\u00f3n no confiable usada en SAP Commerce Cloud (virtualjdbc extension), versiones 6.4, 6.5, 6.6, 6.7, 1808, 1811, 1905, es posible ejecutar c\u00f3digo arbitrario en una m\u00e1quina de destino con derechos de usuario 'Hybris', resultando en Inyecci\u00f3n de C\u00f3digo."}], "lastModified": "2024-10-07T14:15:36.537", "cisaActionDue": "2024-10-21", "cisaExploitAdd": "2024-09-30", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:sap:commerce_cloud:6.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6E1C7951-7EDB-4BFC-ABF2-906778CD058F"}, {"criteria": "cpe:2.3:a:sap:commerce_cloud:6.5:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B9D2F233-16BB-4E4F-8FA3-FB03A0C198E5"}, {"criteria": "cpe:2.3:a:sap:commerce_cloud:6.6:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CB45CC6E-1837-4B0A-9F78-730161506D6D"}, {"criteria": "cpe:2.3:a:sap:commerce_cloud:6.7:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F32D694A-18E7-40E3-8EE0-9A240DED7A34"}, {"criteria": "cpe:2.3:a:sap:commerce_cloud:1808:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5649AB0A-1D84-4716-A178-F196A1DA9C1A"}, {"criteria": "cpe:2.3:a:sap:commerce_cloud:1811:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A9DE60D1-95FF-4220-AE63-2C351781FDA1"}, {"criteria": "cpe:2.3:a:sap:commerce_cloud:1905:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "19E11B22-F514-48D6-B78F-8A64CE1BA364"}], "operator": "OR"}]}], "sourceIdentifier": "cna@sap.com", "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "cisaVulnerabilityName": "SAP Commerce Cloud Deserialization of Untrusted Data Vulnerability"}